Global ransomware attacks are increasingly linked to nation states, with the lines between politics and crime often blurring, Europe’s police agency said on Tuesday.
Key ransomware attacks include the so-called WannaCry and NotPetya malware, which infected hundreds of thousands of computers around the world in 2017, demanding that users pay ransoms to regain access.
“Ransomware retains its dominance,” said Europol’s latest annual report on cybercrime.
“In addition to attacks by financially motivated criminals, a significant volume of public reporting increasingly attributes global cyber-attacks to the actions of nation states,” said the agency, based in The Hague.
The report added that it was “increasingly difficult” to determine whether it was a “sophisticated” cybercrime organised crime group, a state sponsored attacker, or a cybercrime amateur.
On September 6, the US charged a North Korean programmer with the WannaCry hack, the 2014 Sony Pictures attack and a 2016 cyber-heist on Bangladesh’s central bank, alleging they were carried out on behalf of the regime in Pyongyang.
In February the United States and Britain blamed the Russian military for the “NotPetya” ransomware, calling it a Kremlin effort to destabilise Ukraine which spun out of control.
Europol said cyberattackers are also abandoning “random attacks” on mass targets in favour of tailored targeting of people and businesses “where greater potential benefits lie.”
At the same time, Europol said cyberattackers who once trained their sights on traditional financial businesses were now focusing on cryptocurrencies such as Bitcoin.
However classic internet phishing scams — emails that offer technical support, money-making scams or romance — “still result in a considerable numbers of victims,” said the agency.
– ‘Most disturbing’ –
Europol also raised the alarm over the live streaming of child sex abuse, a growing part of what it called the “most disturbing aspect of cyber-crime.”
“Live streaming of child sexual abuse remains a particularly complex crime to investigate and is likely to further increase in the future,” it said.
This involved both material uploaded by offenders, and also by children who were either tricked into uploading explicit material, or made to do it through extortion.
Europol meanwhile warned that the European Union’s flagship new data protection laws introduced in May were “significantly hampering the ability of investigators across the world to identify and investigate online crime.”
It said the world’s internet body had ordered the removal of all personal data from the global domain name database — formerly a key resource for police — as it did not comply with the EU law.
Europol chief Catherine De Bolle said this development “emphasises the need for law enforcement to engage with policy makers, legislators and industry, in order to have a voice in how our society develops.”